Closed GDWBaer closed 2 years ago
I'll have a look in the next few days. Thanks for the issue.
I actually linked an outdated repo. Sorry. However the issue still exists in the new repo: https://github.com/go-git/go-git/issues/64
@GDWBaer I developed a fix in #171. It is released as ghcr.io/ckotzbauer/sbom-operator:0.17.0-alpha.0
. Can you please test it with the new --git-username
, --git-password
and --git-fallback-clone
flags and give feedback? I tested it with AWS CodeCommit and Azure DevOps and it worked.
@ckotzbauer Thank you very much. I'll try to test it this week.
@ckotzbauer I tested it with all three new flags. Cloning into the target git repo on DevOps worked well. However the --git-branch
flag was not beeing respected in this context so that the new SBOMs ended up in the master branch.
Additionally I tested to combine the --git-fallback-clone
flag in the helm-chart with the SBOM_GIT_ACCESS_TOKEN
from secret which did not work out.
May I suggest adding a settable variable for the docker image tag to the helm chart? This would speed up debugging for me since had to edit the chart yaml in the cluster. ;)
Much thanks for testing 🎉
However the --git-branch flag was not beeing respected in this context so that the new SBOMs ended up in the master branch.
Uh, yes I forgot about the branch-parameter, I'll fix that. 😉
Additionally I tested to combine the --git-fallback-clone flag in the helm-chart with the SBOM_GIT_ACCESS_TOKEN from secret which did not work out.
Hm, yes. Currently with the fallback-clone active the token is not respected (only username and password). I'll try to integrate that as well.
May I suggest adding a settable variable for the docker image tag to the helm chart? This would speed up debugging for me since had to edit the chart yaml in the cluster. ;)
You can overwrite the tag in the helm-chart: https://github.com/ckotzbauer/helm-charts/blob/main/charts/sbom-operator/values.yaml#L7. The version from Chart.yaml
is only a fallback.
When I try to configure a private Azure DevOps git repo as a target cloning fails with the following message:
level=error msg="Open or clone failed" error="unexpected client error: unexpected requesting \"https://*******@dev.azure.com/****/*************/_git/**************/git-upload-pack\" status code: 400"
I suspect the go-git lib to be responsible here as other people report similar issues: https://github.com/src-d/go-git/issues/335
This seems to have been solved for other projects by falling back to git client: https://github.com/argoproj/argo-cd/pull/1244